Doesn't work with Synology NAS?



  • Trying to fetch the self created and signed certificate from my Synology NAS (DSM 5.0-4493 Update 3, IP:port 192.168.233.19:5001) I'm getting the error: "failed to connect to /192.168.233.19 (port 5001): connect failed: ECONNREFUSED (Connection refused).

    Phone: Huawei U8860, Cyanogenmod 11-20140621-UNOFFICIAL-u8860, Android 4.4.4, Kernel 3.0.101-rc1-perf-gcf023ba-dirty Desalesouche@NoGiveUp-FR #1 Sat Jun 21 03:53:31 CEST 2014


  • developer

    As the error message sais, the connection was refused (by the endpoint). Why do you think this is a CAdroid-related problem?

    Why is there a slash in "/192.168.233.19" – did you enter it?



  • Cause the certificate works with Firefox on MacOSX, for example, but not with CAdroid.
    No, I didn’t enter the slash. It has also looked strange to me.

    I don’t know too much about certificates yet, just starting to learn about this kind of security measures. But with my search strings I didnt’t get too much response from the searching machines.

    Wir könnten die weitere Kommunikation auch in Deutsch führen …

    Regards,
    Odo

    Am 19.08.2014 um 15:03 schrieb rfc2822 notifications@github.com:

    As the error message sais, the connection was refused (by the endpoint). Why do you think this is a CAdroid-related problem?

    Why is there a slash in "/192.168.233.19" – did you enter it?


    Reply to this email directly or view it on GitHub.

    End-to-end-verschlüsselt bin ich unter odo@protonmail.ch zu erreichen.


  • developer

    Is this issue still present with CAdroid 0.9?



  • Unfortunately yes.

    I deinstalled and downloaded and installed CAdroid (0.9.1) again from the PlayStore (F-Droid still has version 0.1)

    The strange „/„ still shows up before the IP-address. Funny is that if I put a „/„ in front of the IP-address I’ll get „///„ in a message (without the connection error) and if I put „//„ I’ll get „////„.

    Am 01.11.2014 um 10:11 schrieb rfc2822 notifications@github.com:

    Is this issue still present with CAdroid 0.9?


    Reply to this email directly or view it on GitHub.

    End-to-end-verschlüsselt bin ich unter odo@protonmail.ch zu erreichen.


  • developer

    I have reproduced the issue, but it seems to be an issue of the Java error message. When I enter "10.0.0.1" or "10.0.0.1:80" in CAdroid, it tried to connect to 10.0.0.1 (port 80), which will fail because there's a HTTP server on this port. Then CAdroid will show the error message "Connection closed by peer".

    So, this is working as intended, only the error message shows a misleading "/" in front of the IP address. This error message is not created by CAdroid but by Android's Java (HttpsUrlConnection).

    Please note that IP addresses as hostname won't work unless the CN or subjAltName IP Address is set to the IP address.

    Please give me more details about your IP address, your port, your general setup, the exact error message etc.



  • I also have an issue with a self-certificate using my Synology NAS (and an IP adress).
    it's ok for me to access to my Synology with IP (even with not standard port using :###). I obtain Certificate Details but :

    Basic Constraints extension:
    Basic Constraints extension not present, thus no CA flag

    X.509 v3+ certifcates may contain extensions. One of these extensions is the Basic Constraints extension [...]
    The CA flag of this certificate is not set or FALSE, so Android would import the certificate without showing an error, but it wouldn't appear in the list and wouldn't be usable.

    I think it's more a problem of misconfiguration on my Synology, but is there any workaround for CADroid ?

    Thx,
    Jeey


  • developer

    I think it's more a problem of misconfiguration on my Synology, but is there any workaround for CADroid ?

    The constraint is given by Android, not by CAdroid. Please read carefully: Android would import the certificate without showing an error, but it wouldn't appear in the list and wouldn't be usable.

    I don't know how to say it better – if you have a suggestion, please tell me.



  • I have the very same error. Maybe a cipher suite or new protocol that's not supported by CAdroid?


  • developer

    As there are too many different questions and issues in this issue, please open a new one if your problem still persists with CAdroid 0.9.9 (to be released soon).


Log in to reply
 

Looks like your connection to Bitfire App Forums was lost, please wait while we try to reconnect.